Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e31362e302f32302d3230203d3e2036383439.roa
File: 33372e35322e31362e302f32302d3230203d3e2036383439.roa (raw, json)
Hash identifier: t0MHcwLZBz75yJb5YAZCXFqkS03W06whDqq4c/Aw/mg=
Subject key identifier: EC:D0:00:9B:25:A8:0C:49:61:3F:22:32:3C:F1:26:A5:5E:6B:03:5B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5DF771AD2491814A43D4461D7E529962D122ECC9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e31362e302f32302d3230203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:32 +0000
ROA not before: Tue 20 Feb 2024 14:31:32 +0000
ROA not after: Tue 18 Feb 2025 14:36:32 +0000
asID: 6849
IP address blocks: 37.52.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:f7:71:ad:24:91:81:4a:43:d4:46:1d:7e:52:99:62:d1:22:ec:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:32 2024 GMT
Not After : Feb 18 14:36:32 2025 GMT
Subject: CN=ECD0009B25A80C49613F22323CF126A55E6B035B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:26:8e:00:e1:bd:00:d9:6c:7c:c1:b4:f3:ea:
3e:3d:68:e0:ac:b8:b2:28:d4:34:14:a3:1a:4e:6e:
d7:da:76:20:3c:51:8f:cd:2f:c5:d5:94:15:d7:04:
ff:7f:9c:98:09:3e:0d:88:27:9c:52:06:06:da:ec:
31:1b:9e:d1:4e:bc:03:a0:e0:f2:84:6f:cb:47:76:
d7:6a:ff:8b:33:ad:f1:1a:17:5b:68:cb:47:4c:a3:
40:16:73:13:c1:46:1d:c5:dd:3d:1e:3d:bb:d8:0c:
95:6a:44:b4:a8:85:4b:91:07:59:76:1d:6b:d5:9f:
03:a4:b9:d1:e3:59:7f:87:9e:69:5f:92:89:f6:93:
e9:68:b6:a3:49:04:9d:13:50:55:2e:97:e9:98:3e:
8e:99:8f:ff:4a:26:c5:5c:a7:66:6f:06:69:65:d7:
de:b7:e3:a2:47:67:6b:6f:b4:28:e7:4b:7c:ea:96:
5c:43:18:6b:e1:f5:70:a2:31:ee:1c:da:d2:cd:67:
82:87:b4:2c:09:6b:1e:12:2b:27:6d:1e:5a:97:1d:
cc:fc:23:2b:06:42:6f:d7:87:bb:b2:51:56:e3:ac:
f0:8d:ab:40:ca:4f:ae:bb:6e:2c:41:40:a9:47:8c:
53:20:31:47:59:51:61:d8:20:db:64:9a:69:4f:be:
7c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D0:00:9B:25:A8:0C:49:61:3F:22:32:3C:F1:26:A5:5E:6B:03:5B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e31362e302f32302d3230203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.16.0/20
Signature Algorithm: sha256WithRSAEncryption
89:ba:ea:40:99:10:08:29:46:5f:02:af:ba:7f:ca:ff:5b:b4:
88:1e:f9:8c:3d:45:72:d3:3c:e6:bd:62:b3:f1:2b:ef:58:d9:
7e:d3:d0:ac:41:67:83:80:4b:fc:01:1f:77:37:de:47:2f:c1:
f1:71:4d:8d:0f:bc:4c:f7:bd:9c:b2:47:09:5f:d8:58:1c:00:
6c:69:82:1c:67:88:b1:b3:b2:12:d1:9e:6f:34:3e:93:71:a4:
ad:9c:54:f9:67:29:55:b5:8c:c0:5d:25:77:63:6a:5a:a3:33:
a0:f2:22:1a:e3:f7:59:8f:a1:11:5e:3f:c8:34:42:59:2b:ca:
2b:ac:cd:f2:6a:63:e9:3f:dc:50:8c:24:f6:0d:a9:22:de:fa:
bf:b4:6c:ff:49:41:a8:33:8c:8e:d8:8b:1e:3d:f0:a1:87:08:
35:77:86:e5:b9:01:da:f1:0f:35:5d:f7:11:3f:90:bb:92:38:
4f:a7:25:df:f6:e5:fe:5d:66:7d:48:2d:d8:2b:3d:52:b6:2e:
a5:ff:24:c6:6d:db:29:d2:0b:14:ca:35:10:a8:c4:72:b9:56:
4d:b9:e6:2a:26:97:7c:42:be:8c:ca:dd:1a:66:5c:8c:a1:37:
aa:57:97:90:fc:62:f9:f2:19:f4:31:7b:34:dd:d3:06:b7:45:
f4:55:78:d5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUXfdxrSSRgUpD1EYdflKZYtEi7MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMzJaFw0yNTAyMTgxNDM2MzJaMDMxMTAvBgNV
BAMTKEVDRDAwMDlCMjVBODBDNDk2MTNGMjIzMjNDRjEyNkE1NUU2QjAzNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeJo4A4b0A2Wx8wbTz6j49aOCs
uLIo1DQUoxpObtfadiA8UY/NL8XVlBXXBP9/nJgJPg2IJ5xSBgba7DEbntFOvAOg
4PKEb8tHdtdq/4szrfEaF1toy0dMo0AWcxPBRh3F3T0ePbvYDJVqRLSohUuRB1l2
HWvVnwOkudHjWX+Hnmlfkon2k+lotqNJBJ0TUFUul+mYPo6Zj/9KJsVcp2ZvBmll
196346JHZ2tvtCjnS3zqllxDGGvh9XCiMe4c2tLNZ4KHtCwJax4SKydtHlqXHcz8
IysGQm/Xh7uyUVbjrPCNq0DKT667bixBQKlHjFMgMUdZUWHYINtkmmlPvnyxAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU7NAAmyWoDElhPyIyPPEmpV5rA1swHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzNjJl
MzAyZjMyMzAyZDMyMzAyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJTQQMA0G
CSqGSIb3DQEBCwUAA4IBAQCJuupAmRAIKUZfAq+6f8r/W7SIHvmMPUVy0zzmvWKz
8SvvWNl+09CsQWeDgEv8AR93N95HL8HxcU2ND7xM972cskcJX9hYHABsaYIcZ4ix
s7IS0Z5vND6TcaStnFT5ZylVtYzAXSV3Y2paozOg8iIa4/dZj6ERXj/INEJZK8or
rM3yamPpP9xQjCT2Daki3vq/tGz/SUGoM4yO2IsePfChhwg1d4bluQHa8Q81XfcR
P5C7kjhPpyXf9uX+XWZ9SC3YKz1Sti6l/yTGbdsp0gsUyjUQqMRyuVZNueYqJpd8
Qr6Myt0aZlyMoTeqV5eQ/GL58hn0MXs03dMGt0X0VXjV
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org